They need to do what MacOS and Linux have done. There are safer ways to interact with and inspect the running state of the kernel in those operating systems (eBPF for Linux, a bunch of APIs I don’t know much about for MacOS). Software needs a way to do the shit it’s doing, you can’t just turn it off and provide no alternative.
If Microsoft provides a safe API, then Wine can translate calls to that API and approximate the same degree of protection for Linux boxen.
I also agree with the other person, you should still be allowed to fuck around with the kernel on your own box. Major software vendors should be discouraged from writing shit that directly runs in ring 0, but end users should be allowed to do whatever.
They need to do what MacOS and Linux have done. There are safer ways to interact with and inspect the running state of the kernel in those operating systems (eBPF for Linux, a bunch of APIs I don’t know much about for MacOS). Software needs a way to do the shit it’s doing, you can’t just turn it off and provide no alternative.
If Microsoft provides a safe API, then Wine can translate calls to that API and approximate the same degree of protection for Linux boxen.
I also agree with the other person, you should still be allowed to fuck around with the kernel on your own box. Major software vendors should be discouraged from writing shit that directly runs in ring 0, but end users should be allowed to do whatever.